1. Field of the Invention
The present invention relates to a method for securely paying for goods or services using a mobile radio device and a base telecommunication station which communicates with the mobile radio device via electromagnetic waves. The present invention also relates to a system for paying for goods or services.
2. Description of the Prior Art
Conventionally, goods in a shop, for example, are paid for either in cash, with a check or electronically using a credit card or a card issued by a financial institution specifically for this purpose. A disadvantage of such methods of payment is that the purchaser must carry either cash or specific cards.
There is also the option of using so-called telephone banking methods to make transfers by telephone. To do this, the user dials up his financial institution's telecommunication device, for example. Next, the person wishing to make the transfer is authenticated for security reasons. If the user turns out to be authorized to make the appropriate transfers, the user transmits the data required for the transfer. The data can be communicated to another person associated with the financial institution by speaking to him, for example. It is also possible for the user's telephone to transmit to the financial institution's telecommunication device short messages containing all the data required for the transfer. The financial institution can then make the transfer on the basis of these short messages.
To transmit personal information or access authorization information securely, the appropriate data is encrypted before transmission. Encryption, often called scrambling, is understood as the conversion of data into an unreadable form. Both encryption and decryption virtually always require some secret information, which is usually referred to as a key.
In a symmetrical encryption method, the same key is used both for scrambling and for unscrambling. The DES (Data Encryption Standard) is part of the symmetrical encryption method. In this method, transformation of the original text into the scrambled text includes a succession of mathematical operations such as permutations, nonlinear substitutions and logical product formations. In this context, a key which is individual to the user is used.
Asymmetrical encryption methods constitute the opposite of the symmetrical methods. In this case, different keys are used for scrambling and unscrambling, the nature of the keys being such that data which has been scrambled using one key can be unscrambled again only using the other key.
Telephone banking methods also can be carried out using mobile radio devices, such as mobile telephones. Mobile telephones based on the GSM standard include, firstly, the actual telephone with input and display devices and, secondly, a so-called SIM card having a personal identification number (PIN) stored in encrypted form. However, it is also possible to have the SIM card carry out additional applications which need to satisfy high levels of security requirements. (SIM Application Tool Kit, GSM 11.14). The data required for a transfer can be entered using the input device on the mobile telephone. The mobile telephone's SIM card can then be used for authentication required specifically for the transfer. Access to these offered items is made possible by novel technology. For this purpose, the user requires a mobile radio telephone with an integrated SIM Toolkit and a SIM card which supports the new added-value functions. To get to the virtual bank counter, the customer switches on his mobile telephone, enters the PIN number and selects his financial institution from the menu. Once the mobile radio telephone has dialed up the bank's server, the user can access his bank account within a few seconds.
In addition, so-called CTS (Cellular Telephony System) applications are known. Such systems include a base station and a mobile telephone for domestic use. The base station receives the associated mobile telephone's calls internally free of charge and forwards them to the landline network.
An object of the present invention, therefore, is to provide a method and a system for securely paying for goods or services which is simple, secure and inexpensive for the purchaser and the vendor.